moneymakingleadz.com Open in urlscan Pro
104.21.33.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://moneymakingleadz.com/
Submission: On October 27 via automatic, source certstream-suspicious (October 27th 2021, 12:31:47 am UTC) — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 35 HTTP transactions. The main IP is 104.21.33.38, located in United States and belongs to CLOUDFLARENET, US. The main domain is moneymakingleadz.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 27th 2021. Valid for: a year.

This is the only time moneymakingleadz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.21.33.38 104.21.33.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	185.59.220.17 185.59.220.17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	52.222.232.39 52.222.232.39	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
6	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	172.217.18.104 172.217.18.104	15169 (GOOGLE) (GOOGLE)
2	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
2 6	18.66.122.53 18.66.122.53	16509 (AMAZON-02) (AMAZON-02)
1	104.26.4.244 104.26.4.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	52.18.183.31 52.18.183.31	16509 (AMAZON-02) (AMAZON-02)
2	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
35	18

1 104.21.33.38 (United States)

ASN13335 (CLOUDFLARENET, US)

moneymakingleadz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.59.220.17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-10.cdn77.com

fast.discoverheal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-39.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.104 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f104.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.122.53 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.244 (United States)

ASN13335 (CLOUDFLARENET, US)

ssl.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.183.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-183-31.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	adroll.com 2 redirects s.adroll.com d.adroll.com	21 KB
7	discoverheal.com fast.discoverheal.com	948 KB
6	gstatic.com fonts.gstatic.com	183 KB
2	facebook.com www.facebook.com	404 B
2	facebook.net connect.facebook.net	114 KB
2	google-analytics.com www.google-analytics.com	55 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	8 KB
1	google.de www.google.de	519 B
1	google.com www.google.com	519 B
1	luckyorange.net settings.luckyorange.net	827 B
1	doubleclick.net googleads.g.doubleclick.net	2 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	luckyorange.com ssl.luckyorange.com	3 KB
1	googletagmanager.com www.googletagmanager.com	63 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	moneymakingleadz.com moneymakingleadz.com	1 KB
35	16

	Domain	Requested by
7	fast.discoverheal.com	moneymakingleadz.com fast.discoverheal.com
6	s.adroll.com	2 redirects www.googletagmanager.com fast.discoverheal.com s.adroll.com
6	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	fast.discoverheal.com
2	connect.facebook.net	moneymakingleadz.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	d.adroll.com	s.adroll.com
1	www.google.de	fast.discoverheal.com
1	www.google.com	fast.discoverheal.com
1	settings.luckyorange.net	ssl.luckyorange.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	ssl.luckyorange.com	www.googletagmanager.com
1	www.googletagmanager.com	fast.discoverheal.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	fast.discoverheal.com
1	ajax.googleapis.com	fast.discoverheal.com
1	moneymakingleadz.com
35	18

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-27` - `2022-10-26`	a year	crt.sh
1333180052.rsc.cdn77.org R3	`2021-08-19` - `2021-11-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://moneymakingleadz.com/
Frame ID: E6905A310A11EDA2820BFC79F4CB8458
Requests: 1 HTTP requests in this frame

Frame: https://fast.discoverheal.com/CAPTURE3/?u=170301
Frame ID: 3BCA221A04BC33BB4FFD456F5A2162FF
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WORK FROM HOME - Be Your Own BOSS

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

18
Subdomains

18
IPs

3
Countries

1445 kB
Transfer

2245 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://s.adroll.com/j/exp/OFJWR2KLYNGNZICH3HACHP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 26

https://s.adroll.com/j/pre/OFJWR2KLYNGNZICH3HACHP/E2MHOKEF7FAZFHIPP27NF6/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
moneymakingleadz.com/ 1 KB
1 KB 393ms
355ms Document
text/html 104.21.33.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneymakingleadz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.33.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade90aa48163bd94d95ee6a2ceb9c78ab2474cf8b402c707662c9b44175c8f09

Request headers

:method: GET
:authority: moneymakingleadz.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 27 Oct 2021 00:31:42 GMT
content-type: text/html; charset=utf-8
x-served-by: Namecheap URL Forward
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdzS50yu0LKKYKyWmk%2B58%2B8vnH1ZtMoeqrP%2FwkEFyqF0eeAReaEPP11tGuGMnvY%2FJFrzPJHVDdfMucUmeoNki53hRSWdTfqizv6IpCaf%2Bt99M6uslxihYbhMsMmc%2BSJgOgIv1oykag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a47d2af08df413e-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
fast.discoverheal.com/CAPTURE3/ Frame 3BCA 6 KB
2 KB 350ms
308ms Document
text/html 185.59.220.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.discoverheal.com/CAPTURE3/?u=170301
Requested by: Host: moneymakingleadz.com
URL: https://moneymakingleadz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: b2d8660e0fe478467ded75b8c1e09cb4641ac91615dae227f3d972c0bc847d28

Request headers

:method: GET
:authority: fast.discoverheal.com
:scheme: https
:path: /CAPTURE3/?u=170301
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: frame
referer: https://moneymakingleadz.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moneymakingleadz.com/

Response headers

date: Wed, 27 Oct 2021 00:31:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
x-accel-expires: @1635381102
server: CDN77-Turbo
x-77-nzt: Abk73BAUaY6x
x-77-nzt-ray: HrwS6Lvlsc0=
x-cache: MISS
x-77-pop: frankfurtDE
x-77-cache: MISS
content-encoding: br

GET
H2 200 normalize.css
fast.discoverheal.com/CAPTURE3/css/ Frame 3BCA 8 KB
3 KB 266ms
266ms Stylesheet
text/css 185.59.220.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.discoverheal.com/CAPTURE3/css/normalize.css
Requested by: Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/CAPTURE3/?u=170301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-nzt: Abk73BDjbF6x
x-accel-expires: @1637886702
date: Wed, 27 Oct 2021 00:31:42 GMT
content-encoding: br
etag: W/"5f6a02a5-1e5c"
last-modified: Tue, 22 Sep 2020 13:56:53 GMT
server: CDN77-Turbo
x-77-nzt-ray: dywoX968cN0=
vary: Accept-Encoding
x-77-cache: MISS
content-type: text/css
cache-control: max-age=2592000
x-cache: MISS
x-77-pop: frankfurtDE
expires: Fri, 26 Nov 2021 00:31:42 GMT

GET
H2 200 components.css
fast.discoverheal.com/CAPTURE3/css/ Frame 3BCA 38 KB
9 KB 394ms
394ms Stylesheet
text/css 185.59.220.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.discoverheal.com/CAPTURE3/css/components.css
Requested by: Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 7deeee24b8c80bcca6c1c3ba09aaf3811aa99f88028732f2fce9e31e83a435f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/CAPTURE3/?u=170301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-nzt: Abk73BAb9Wqx
x-accel-expires: @1637886703
date: Wed, 27 Oct 2021 00:31:43 GMT
content-encoding: br
etag: W/"5f6a02a5-988f"
last-modified: Tue, 22 Sep 2020 13:56:53 GMT
server: CDN77-Turbo
x-77-nzt-ray: n9/aIq4Ni+M=
vary: Accept-Encoding
x-77-cache: MISS
content-type: text/css
cache-control: max-age=2592000
x-cache: MISS
x-77-pop: frankfurtDE
expires: Fri, 26 Nov 2021 00:31:42 GMT

GET
H2 200 heal-cp-5-ct.css
fast.discoverheal.com/CAPTURE3/css/ Frame 3BCA 11 KB
2 KB 388ms
387ms Stylesheet
text/css 185.59.220.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.discoverheal.com/CAPTURE3/css/heal-cp-5-ct.css
Requested by: Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 5774f64bd07da4d4b19678eacbdeef6172722264ffd710a962651db83a44fb51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/CAPTURE3/?u=170301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-nzt: Abk73BD63oax
x-accel-expires: @1637886703
date: Wed, 27 Oct 2021 00:31:43 GMT
content-encoding: br
etag: W/"5f6a02a5-2d78"
last-modified: Tue, 22 Sep 2020 13:56:53 GMT
server: CDN77-Turbo
x-77-nzt-ray: m+IF57q8dQY=
vary: Accept-Encoding
x-77-cache: MISS
content-type: text/css
cache-control: max-age=2592000
x-cache: MISS
x-77-pop: frankfurtDE
expires: Fri, 26 Nov 2021 00:31:42 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ Frame 3BCA 13 KB
6 KB 29ms
7ms Script
text/javascript 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 26 Oct 2022 14:04:45 GMT

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ Frame 3BCA 87 KB
31 KB 430ms
405ms Script
application/javascript 52.222.232.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5f2428b9ea94f0738bffa690
Requested by: Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://fast.discoverheal.com/
Origin: https://fast.discoverheal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:31:44 GMT
content-encoding: gzip
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=84600, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: yxPeVcTZucLDzOEFwdLa6aj_tz91qblj8KjOISpiUgiJn3CNAPi1Sg==
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)

GET
H2 200 heal-cp-5-ct.js Show response
fast.discoverheal.com/CAPTURE3/js/ Frame 3BCA 160 KB
47 KB 387ms
387ms Script
application/javascript 185.59.220.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.discoverheal.com/CAPTURE3/js/heal-cp-5-ct.js
Requested by: Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 05c4aa2304e699ed707b832e8761047eef6fedd0bc05e5694702a15c2f7fe091

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/CAPTURE3/?u=170301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-nzt: Abk73BCY83Sx
x-accel-expires: @1637886703
date: Wed, 27 Oct 2021 00:31:43 GMT
content-encoding: br
etag: W/"5f6a02a6-28005"
last-modified: Tue, 22 Sep 2020 13:56:54 GMT
server: CDN77-Turbo
x-77-nzt-ray: i+wDrEN6XvM=
vary: Accept-Encoding
x-77-cache: MISS
content-type: application/javascript
cache-control: max-age=2592000
x-cache: MISS
x-77-pop: frankfurtDE
expires: Fri, 26 Nov 2021 00:31:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3BCA 36 KB
2 KB 47ms
25ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CGochi+Hand:regular%7CYellowtail:regular%7CNothing+You+Could+Do:regular%7CExo+2:regular,500,600,700,800,900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

c472dfc6422ac1127c241e86b1781d2ae8119d52888f2997503df601ce71b884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:31:43 GMT
server: ESF
date: Wed, 27 Oct 2021 00:31:43 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 00:31:43 GMT

GET
H2 200 home2.jpg
fast.discoverheal.com/CAPTURE3/images/ Frame 3BCA 881 KB
882 KB 104ms
104ms Image
image/jpeg 185.59.220.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fast.discoverheal.com/CAPTURE3/images/home2.jpg
Requested by: Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/css/heal-cp-5-ct.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 1dfa0c23d293587023a28a4ffa73edf7c54affcb75853c5fed1c2da25e910405

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/CAPTURE3/css/heal-cp-5-ct.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-nzt: Abk73BDj8JCx
x-accel-expires: @1637886703
date: Wed, 27 Oct 2021 00:31:43 GMT
etag: "5f6a02a6-dc4c9"
last-modified: Tue, 22 Sep 2020 13:56:54 GMT
server: CDN77-Turbo
x-77-nzt-ray: 7T6pIvJSiFE=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=2592000
x-cache: MISS
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 902345
expires: Fri, 26 Nov 2021 00:31:43 GMT

GET
H2 200 Grey-Arrow-Lft.png
fast.discoverheal.com/CAPTURE3/images/ Frame 3BCA 2 KB
2 KB 101ms
101ms Image
image/png 185.59.220.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fast.discoverheal.com/CAPTURE3/images/Grey-Arrow-Lft.png
Requested by: Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/css/heal-cp-5-ct.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 2612c3a09e73d5bdd087a9b36b6cc4ff5905d8304d783c7518c4905d7a10265c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/CAPTURE3/css/heal-cp-5-ct.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-nzt: Abk73BCKh8qx
x-accel-expires: @1637886703
date: Wed, 27 Oct 2021 00:31:43 GMT
etag: "5f6a02a5-6ad"
last-modified: Tue, 22 Sep 2020 13:56:53 GMT
server: CDN77-Turbo
x-77-nzt-ray: ubhLYjv6Bm8=
x-77-cache: MISS
content-type: image/png
cache-control: max-age=2592000
x-cache: MISS
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 1709
expires: Fri, 26 Nov 2021 00:31:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 3BCA 44 KB
44 KB 34ms
6ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CGochi+Hand:regular%7CYellowtail:regular%7CNothing+You+Could+Do:regular%7CExo+2:regular,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fast.discoverheal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options: nosniff
age: 453929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 18:26:14 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 3BCA 47 KB
47 KB 42ms
20ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fast.discoverheal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 08:17:28 GMT
x-content-type-options: nosniff
age: 404055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47804
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:51:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 08:17:28 GMT

GET
H2 200 hES06XlsOjtJsgCkx1Pkfon_-w.woff2
fonts.gstatic.com/s/gochihand/v11/ Frame 3BCA 19 KB
20 KB 44ms
23ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gochihand/v11/hES06XlsOjtJsgCkx1Pkfon_-w.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5781268d237548744495c4ec1f3ec7f7d289ac5c3d5bdc70e2d47221e7aee3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fast.discoverheal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:24:31 GMT
x-content-type-options: nosniff
age: 472032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19924
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:51:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 13:24:31 GMT

GET
H2 200 OZpGg_pnoDtINPfRIlLohlvHwQ.woff2
fonts.gstatic.com/s/yellowtail/v11/ Frame 3BCA 18 KB
18 KB 39ms
18ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/yellowtail/v11/OZpGg_pnoDtINPfRIlLohlvHwQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

1e710eb08073ef706dd0949a3a42bc3ba4b6f403bbba300605162a07e81ac82b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fast.discoverheal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 09:24:03 GMT
x-content-type-options: nosniff
age: 400060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18304
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:48:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 09:24:03 GMT

GET
H2 200 oY1B8fbBpaP5OX3DtrRYf_Q2BPB1SnfZb3OOnVs.woff2
fonts.gstatic.com/s/nothingyoucoulddo/v10/ Frame 3BCA 16 KB
16 KB 38ms
17ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nothingyoucoulddo/v10/oY1B8fbBpaP5OX3DtrRYf_Q2BPB1SnfZb3OOnVs.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

9dd05fca83ebd0023e326ddefd2427bf2aeab012dfe83d103e87063c95590f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fast.discoverheal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 08:00:15 GMT
x-content-type-options: nosniff
age: 405088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16084
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:47:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 08:00:15 GMT

GET
H2 200 7cHmv4okm5zmbtYoK-4.woff2
fonts.gstatic.com/s/exo2/v10/ Frame 3BCA 39 KB
39 KB 45ms
25ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v10/7cHmv4okm5zmbtYoK-4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

7b0c93ac0aae114510c15f0e7b1e4973ec408a5b480d3f39f43cd336bc640829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fast.discoverheal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 18:08:24 GMT
x-content-type-options: nosniff
age: 109399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39496
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 23:03:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 18:08:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 3BCA 179 KB
63 KB 49ms
27ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCPDFWN

Requested by

Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

f38a68ccf20cb45592efda44286aff6c95e80d0408d99d41a77efdaf235b1f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:31:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 64526
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Oct 2021 00:31:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3BCA 49 KB
20 KB 26ms
6ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCPDFWN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 1869
date: Wed, 27 Oct 2021 00:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Wed, 27 Oct 2021 02:00:34 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ Frame 3BCA 47 KB
16 KB 47ms
7ms Script
text/javascript 18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCPDFWN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb426d72df39344445d8b50dff8ed27b1053c46a7887a74f4317b50e48f16df4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: 1rXbtqqCs1CJhoMvKSJF8ngwdb8MEoko
Content-Encoding: gzip
Etag: W/"93a405c06e7b6caa55a9b7431558ca41"
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 26 Oct 2021 13:47:05 GMT
Server: AmazonS3
Date: Wed, 27 Oct 2021 00:00:49 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: BBszjBcQdcJaLxjvTnKDfGuz2qo4byNdEfY1Fca8YR-Qu42L3DmqNQ==

GET
H2 200 w.js Show response
ssl.luckyorange.com/ Frame 3BCA 5 KB
3 KB 77ms
27ms Script
application/javascript 104.26.4.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.luckyorange.com/w.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCPDFWN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cf27e0e31db874d77562c910f5a0eca1f37b32fde3dd4c2c5503a560ce40921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:31:43 GMT
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2167
x-cache: Hit from cloudfront
x-edge-origin-shield-skipped: 0
content-encoding: br
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: cloudflare
etag: W/"7ad74b945ef7019a5ff78b8e45bc1a20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T0bV1yCGF%2FnoWln64qcPnNSKA3rmAeEw5K77nKRFhfoc0FqrSq2fLxsiWE6M3ixz3m2tu3FVUmN8HpcKsm3%2FT3Aqfg3sK3IxFRV2vdJwE7puBqYLu%2FYRXJERQr8JXtN76Cc8xQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-pop: PRG50-C1
cf-ray: 6a47d2b89dd74138-PRG
x-amz-cf-id: DOVSNQMDCH7jaPT_jfc6PJ21lvwj2QaKpgH0AL6QoLOLMagwHuHk0A==
cf-bgj: minify

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 3BCA 37 KB
15 KB 43ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCPDFWN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14435
x-xss-protection: 0
server: cafe
etag: 3499052782129861849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 00:31:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 3BCA 98 KB
26 KB 21ms
7ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: moneymakingleadz.com
URL: https://moneymakingleadz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: JV7g8v1uzWwdOWUaxpS8YeN9KwUGo3cqiIxm7J436pYJ2Qdny13hQtfjjLat6JjhprAPMNLTWfuCN8k8/tqjBw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 27 Oct 2021 00:31:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 248065596355216 Show response
connect.facebook.net/signals/config/ Frame 3BCA 308 KB
88 KB 199ms
199ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/248065596355216?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

e6e2360e1d4432e42ef06d3161c5c80a910b2f35fa4ff5ad764c7941199d7160

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: s54Lbg9/P52a6BbisnBxGDxlAmXTWGzB3pjZ8RgYqCZAhRjpwNSUEUZ0IXJ/RNVPEZm4n+RmFYh64xoIucYopw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 27 Oct 2021 00:31:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ Frame 3BCA 89 KB
35 KB 35ms
21ms Script
application/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T398R3H&t=gtm4&cid=245392571.1635294703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

1161ad286ade0adaca1758f6642238fa1d15ca2fcfb4b30070de9b540a566165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:31:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35701
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Oct 2021 00:31:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/641951621/ Frame 3BCA 2 KB
2 KB 69ms
28ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/641951621/?random=1635294703454&cv=9&fst=1635294703454&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Ffast.discoverheal.com%2FCAPTURE3%2F%3Fu%3D170301&ref=https%3A%2F%2Fmoneymakingleadz.com%2F&tiba=*%20%231%20Work%20From%20Home%20*%20System!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d4530d0da3a13129f1da86985d20dc6daafdc26aa75aeb3a98ca66c75c7c88f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 00:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/ Frame 3BCA
Redirect Chain

https://s.adroll.com/j/exp/OFJWR2KLYNGNZICH3HACHP/index.js
https://s.adroll.com/j/exp/index.js

28 B
750 B

12ms
8ms

Script
application/javascript

18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117d.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Tue, 26 Oct 2021 02:33:01 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nIw-LHbKthuR_IF4J35h2SaWvOEA23S4dRX6hbe6jjdtt7PuAVJrzQ==

Redirect headers

Date: Wed, 27 Oct 2021 00:25:03 GMT
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0
X-Amz-Cf-Id: WUQxU8_QOSh1iiH9Vv9fRDuFvD-V8VBAMoGBMa3z9ovHJQt0BM3-gQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/ Frame 3BCA
Redirect Chain

https://s.adroll.com/j/pre/OFJWR2KLYNGNZICH3HACHP/E2MHOKEF7FAZFHIPP27NF6/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
721 B

7ms
7ms

Script
application/javascript

18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Tue, 26 Oct 2021 01:00:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: f2LoNLyYjJSWbdzaThOVxdCtaJxDTKdjP1Y1htV3i75yhb8euevpsg==

Redirect headers

Date: Tue, 26 Oct 2021 03:06:31 GMT
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0
X-Amz-Cf-Id: JJrgW-r15Mjo5aTcP-HHgL1ImBDp6Rk9ALAhOjpM76s32ah54JrPlg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/OFJWR2KLYNGNZICH3HACHP/E2MHOKEF7FAZFHIPP27NF6/ Frame 3BCA 4 KB
3 KB 23ms
9ms Script
text/javascript 18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/OFJWR2KLYNGNZICH3HACHP/E2MHOKEF7FAZFHIPP27NF6/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: z8DEEWXQndPUMDyYQ7X7afak250Udqzw
Content-Encoding: gzip
Etag: W/"33ed216ef4569e95a97e55fb39d91d38"
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Sat, 23 Oct 2021 03:08:56 GMT
Server: AmazonS3
Date: Wed, 27 Oct 2021 00:17:32 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: hzqJfC4tC4dgy8f7CWPyyndQI3CdRxwV6Kv4IjUUQS1llPydzgn0XQ==

GET
H2 200 / Show response
settings.luckyorange.net/ Frame 3BCA 129 B
827 B 269ms
226ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Ffast.discoverheal.com%2FCAPTURE3%2F%3Fu%3D170301&s=194521

Requested by

Host: ssl.luckyorange.com
URL: https://ssl.luckyorange.com/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77023e14e7359d4871d9c8704b2fa6c987044b67ecf469b75c9959fae04c12a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:31:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://fast.discoverheal.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHMXSMmi2OJK4q1OiIrdSHDyjO%2ByBS5UG8huNK1HDAWqv%2FgkCZboyyKUV1HGM%2B6XTwRAiX4WFDHRzg9fM8CN%2BXl8E1wubJEeNpfnLQe37AbS%2B%2FVoWDDkJCpl8%2Fstxc89Dwzz952EncKEaA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6a47d2b90e3a27b8-PRG
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 /
www.google.com/pagead/1p-user-list/641951621/ Frame 3BCA 42 B
519 B 41ms
18ms Image
image/gif 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/641951621/?random=1635294703454&cv=9&fst=1635292800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&frm=2&url=https%3A%2F%2Ffast.discoverheal.com%2FCAPTURE3%2F%3Fu%3D170301&ref=https%3A%2F%2Fmoneymakingleadz.com%2F&tiba=*%20%231%20Work%20From%20Home%20*%20System!&async=1&fmt=3&is_vtc=1&random=1245838422&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 00:31:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/641951621/ Frame 3BCA 42 B
519 B 42ms
20ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/641951621/?random=1635294703454&cv=9&fst=1635292800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&frm=2&url=https%3A%2F%2Ffast.discoverheal.com%2FCAPTURE3%2F%3Fu%3D170301&ref=https%3A%2F%2Fmoneymakingleadz.com%2F&tiba=*%20%231%20Work%20From%20Home%20*%20System!&async=1&fmt=3&is_vtc=1&random=1245838422&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 00:31:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OFJWR2KLYNGNZICH3HACHP Show response
d.adroll.com/consent/check/ Frame 3BCA 25 B
117 B 105ms
31ms Script
application/javascript 52.18.183.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/OFJWR2KLYNGNZICH3HACHP?arrfrr=https%3A%2F%2Ffast.discoverheal.com%2FCAPTURE3%2F%3Fu%3D170301&_s=f67b0dff14f5eba582422592e8793820&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.183.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-183-31.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 42cad272a828cfc37f3fdd033bafffe3e4c6aaddf6e3c7481fe10834a7cb0769

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:31:43 GMT
server: nginx/1.20.0
content-length: 25
content-type: application/javascript

GET
H2 200 /
www.facebook.com/tr/ Frame 3BCA 44 B
313 B 21ms
6ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=248065596355216&ev=PageView&dl=https%3A%2F%2Ffast.discoverheal.com%2FCAPTURE3%2F%3Fu%3D170301&rl=https%3A%2F%2Fmoneymakingleadz.com%2F&if=true&ts=1635294703659&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%223352960394788126%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22330960971538044%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22667806510838523%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%224561602113911009%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&it=1635294703431&coo=false&rqm=GET

Requested by

Host: fast.discoverheal.com
URL: https://fast.discoverheal.com/CAPTURE3/?u=170301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:31:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 27 Oct 2021 00:31:43 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 3BCA 44 B
91 B 15ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=248065596355216&ev=Microdata&dl=https%3A%2F%2Ffast.discoverheal.com%2FCAPTURE3%2F%3Fu%3D170301&rl=https%3A%2F%2Fmoneymakingleadz.com%2F&if=true&ts=1635294704164&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22*%20%231%20Work%20From%20Home%20*%20System!%22%2C%22meta%3Adescription%22%3A%22Broken%20Down%20Into%203%20Simple%20Steps%20ANYONE%20Can%20Do%20-%20From%20ANYWHERE!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22*%20%231%20Work%20From%20Home%20*%20System!%22%2C%22og%3Adescription%22%3A%22Broken%20Down%20Into%203%20Simple%20Steps%20ANYONE%20Can%20Do%20-%20From%20ANYWHERE!%22%2C%22twitter%3Atitle%22%3A%22*%20%231%20Work%20From%20Home%20*%20System!%22%2C%22twitter%3Adescription%22%3A%22Broken%20Down%20Into%203%20Simple%20Steps%20ANYONE%20Can%20Do%20-%20From%20ANYWHERE!%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&it=1635294703431&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.discoverheal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:31:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 27 Oct 2021 00:31:44 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 22:14:55	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
d.adroll.com
d3e54v103j8qbb.cloudfront.net
fast.discoverheal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
moneymakingleadz.com
s.adroll.com
settings.luckyorange.net
ssl.luckyorange.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.21.33.38
104.26.4.244
142.250.181.228
142.250.184.234
142.250.185.130
142.250.185.131
142.250.185.238
142.250.186.138
142.250.186.162
142.250.186.35
157.240.20.19
157.240.20.35
172.217.18.104
172.67.75.100
18.66.122.53
185.59.220.17
52.18.183.31
52.222.232.39
05c4aa2304e699ed707b832e8761047eef6fedd0bc05e5694702a15c2f7fe091
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1161ad286ade0adaca1758f6642238fa1d15ca2fcfb4b30070de9b540a566165
1dfa0c23d293587023a28a4ffa73edf7c54affcb75853c5fed1c2da25e910405
1e710eb08073ef706dd0949a3a42bc3ba4b6f403bbba300605162a07e81ac82b
2612c3a09e73d5bdd087a9b36b6cc4ff5905d8304d783c7518c4905d7a10265c
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
42cad272a828cfc37f3fdd033bafffe3e4c6aaddf6e3c7481fe10834a7cb0769
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5774f64bd07da4d4b19678eacbdeef6172722264ffd710a962651db83a44fb51
5781268d237548744495c4ec1f3ec7f7d289ac5c3d5bdc70e2d47221e7aee3b5
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5cf27e0e31db874d77562c910f5a0eca1f37b32fde3dd4c2c5503a560ce40921
7b0c93ac0aae114510c15f0e7b1e4973ec408a5b480d3f39f43cd336bc640829
7deeee24b8c80bcca6c1c3ba09aaf3811aa99f88028732f2fce9e31e83a435f6
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
9dd05fca83ebd0023e326ddefd2427bf2aeab012dfe83d103e87063c95590f96
ade90aa48163bd94d95ee6a2ceb9c78ab2474cf8b402c707662c9b44175c8f09
b2d8660e0fe478467ded75b8c1e09cb4641ac91615dae227f3d972c0bc847d28
c472dfc6422ac1127c241e86b1781d2ae8119d52888f2997503df601ce71b884
d4530d0da3a13129f1da86985d20dc6daafdc26aa75aeb3a98ca66c75c7c88f2
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e2360e1d4432e42ef06d3161c5c80a910b2f35fa4ff5ad764c7941199d7160
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38a68ccf20cb45592efda44286aff6c95e80d0408d99d41a77efdaf235b1f0b
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f77023e14e7359d4871d9c8704b2fa6c987044b67ecf469b75c9959fae04c12a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb426d72df39344445d8b50dff8ed27b1053c46a7887a74f4317b50e48f16df4
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

moneymakingleadz.com Open in urlscan Pro 104.21.33.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

0 %IPv6

16 Domains

18 Subdomains

18 IPs

3 Countries

1445 kBTransfer

2245 kBSize

1 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

moneymakingleadz.com Open in urlscan Pro
104.21.33.38 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

18
Subdomains

18
IPs

3
Countries

1445 kB
Transfer

2245 kB
Size

1
Cookies

35 HTTP transactions
0 data transactions